Bug 2055460

+++ This bug was initially created as a clone of Bug #2009651 +++

Description of problem (please be detailed as possible and provide log
snippests):

Current definition of a UpdateService deployment has "IfNotPresent" as a imagePullPolicy defined, which blocks updated graph-data images to be used. "Always" should be used for the initContainer.

      initContainers:
        - name: graph-data
          image: 'registry.example.com/ocp4/graph-data:latest'
          resources: {}
          volumeMounts:
            - name: cincinnati-graph-data
              mountPath: /var/lib/cincinnati/graph-data
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: IfNotPresent      <== should be Always


Version of all relevant components (if applicable):

update-service-operator.v4.6.0
registry.redhat.io/openshift-update-service/openshift-update-service-rhel8-operator@sha256:08b4fc72501e5f7dfdd779e101d98b913d77982c021998f47b3cdc0367d7e0fa
registry.redhat.io/openshift-update-service/openshift-update-service-rhel8@sha256:9748a280f2a04524da739d2f8b7d8a74c5b58170c9c40b3e40904dd8ca39fbe8

Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?

The initial deployment of a update-service will pull an graph-data image tagged "latest" - but subsequent updates to that image will not get pulled as this tag already exists on a node. The only way to mitigate that effect is to use different tags for the graph-data images. This on the other hand requires additional adjustments made to the update-service CR.

Is there any workaround available to the best of your knowledge?
Changing graph-data image tag from "latest" to a incremental one.

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
1

Can this issue reproducible?
yes

Can this issue reproduce from the UI?
yes

If this is a regression, please provide more details to justify this:


Steps to Reproduce:
1. install and deploy OUS according to the docs
2. create graph-data image as described in the docs
3. verify OUS functionality, rendering data of graph-data at that time.
4. whenever a update version of the update graph is available, update the graph-data image
5. OUS won't make use of updated graph-data image as <image>:latest is already on the node - even though it changed.


Actual results:
Outdated graph-data image will get used.

Expected results:
graph-data image is pulled every time to maintain current data.

Additional info:

--- Additional comment from Andreas Bleischwitz on 2021-10-01 07:47:25 UTC ---

If I'm not looking at the wrong point, the following needs to get changed:

https://github.com/openshift/cincinnati-operator/blob/f4aae3fdaaf8174f2159437f796b775e9b7efe52/controllers/new.go#L425

		Image:           instance.Spec.GraphDataImage,
		ImagePullPolicy: corev1.PullIfNotPresent,
		VolumeMounts: []corev1.VolumeMount{

to
		Image:           instance.Spec.GraphDataImage,
		ImagePullPolicy: corev1.Always,
		VolumeMounts: []corev1.VolumeMount{

Or remove the line containing "ImagePullPolicy:" completely as the default is:

// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.

Which probably is the best option for this image.

--- Additional comment from liujia on 2021-10-08 01:33:56 UTC ---

A known issue? Refer to https://bugzilla.redhat.com/show_bug.cgi?id=1939855.

--- Additional comment from W. Trevor King on 2021-10-08 01:49:00 UTC ---

hah, yes.  I'll close this one as a dup and attach my PR to the older issue.

--- Additional comment from Lalatendu Mohanty on 2022-02-17 02:46:31 UTC ---

As per comment in https://bugzilla.redhat.com/show_bug.cgi?id=2048825#c4 , looks like this bug is fixed by https://github.com/openshift/cincinnati-operator/pull/133